Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666130303a3a2f34302d3438203d3e20323134333635.roa
File: 326131343a316563373a666130303a3a2f34302d3438203d3e20323134333635.roa (raw, json)
Hash identifier: D7vq42LlJ1JkjKrlS8EXaLer6htaFFui19vj1Iz46+0=
Subject key identifier: 59:22:74:BC:07:C0:23:59:FA:8E:F6:EE:72:89:34:C8:2C:DC:F4:B7
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 49902B2AC3CA473EFF500E530CA42C00D882245C
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666130303a3a2f34302d3438203d3e20323134333635.roa
Signing time: Sun 24 Aug 2025 21:55:31 +0000
ROA not before: Sun 24 Aug 2025 21:50:31 +0000
ROA not after: Sun 23 Aug 2026 21:55:31 +0000
asID: 214365
IP address blocks: 2a14:1ec7:fa00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.mft
rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 06:11:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:90:2b:2a:c3:ca:47:3e:ff:50:0e:53:0c:a4:2c:00:d8:82:24:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Aug 24 21:50:31 2025 GMT
Not After : Aug 23 21:55:31 2026 GMT
Subject: CN=592274BC07C02359FA8EF6EE728934C82CDCF4B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:d1:42:11:dd:50:91:67:e8:66:ae:54:6a:97:
99:d3:a4:aa:b0:7c:09:70:88:96:a6:24:a3:6a:77:
7e:98:25:46:3b:6d:e2:14:ad:b8:6d:9e:1c:01:01:
ba:51:5c:70:89:2f:b1:fd:c8:4e:54:d3:0c:9b:4e:
7e:1f:c0:5b:2e:28:75:ad:50:c4:94:8b:1c:56:2e:
d1:bc:49:ea:79:25:29:47:70:b8:fe:d1:62:7e:84:
20:8e:53:b2:55:61:69:3c:99:63:96:a4:f9:7f:61:
01:f8:fa:ec:dc:59:ba:19:9f:a4:87:d5:f2:91:fd:
d7:82:a2:f0:d8:34:0e:42:80:73:a5:02:21:4a:3a:
3f:ea:b6:42:70:1e:4a:e6:17:64:7b:92:39:33:8a:
94:9a:c3:04:2f:89:a9:94:4a:4b:7f:f0:a1:13:b5:
1a:eb:3a:a9:14:ea:06:1c:cd:cd:0b:56:a7:0c:4b:
cb:33:5f:41:b0:9e:0c:a1:66:c5:0e:b6:f1:d1:65:
f3:dd:2b:a0:d9:36:e7:ae:42:f7:6a:c9:7d:df:4e:
9e:e8:f2:ed:e0:8b:61:9b:cf:55:32:5a:b5:ae:01:
ee:f1:57:22:24:45:dc:b6:9d:16:72:30:5b:3b:d0:
a5:9b:d7:93:79:ee:3b:53:fc:75:7f:a6:a4:4e:6c:
90:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:22:74:BC:07:C0:23:59:FA:8E:F6:EE:72:89:34:C8:2C:DC:F4:B7
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a666130303a3a2f34302d3438203d3e20323134333635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:fa00::/40
Signature Algorithm: sha256WithRSAEncryption
8c:9e:43:f6:87:61:dd:ca:ff:79:41:78:77:f9:be:35:a3:b8:
c5:eb:dd:57:9a:ca:ff:12:8f:a3:5a:9c:d1:dc:e9:2c:75:37:
6a:06:c5:ce:89:41:e1:74:48:90:86:a0:44:8f:6e:cf:fb:ea:
91:23:43:5f:2b:2e:36:c6:60:0e:f4:c5:b6:ec:c9:4a:64:fa:
1f:9a:f1:41:e7:08:3a:eb:73:e2:e6:a3:b6:f4:98:55:7c:1d:
90:93:a4:25:fd:ad:e5:4a:e3:08:99:b0:b4:82:20:aa:ca:68:
17:15:f5:cc:6b:ff:ca:a6:da:ba:6c:7b:2e:e5:ac:72:be:da:
62:4a:e1:c8:9a:83:c1:3b:00:cc:66:b5:6b:21:35:2b:fa:79:
30:ff:f0:0b:b4:21:8c:36:9f:5d:e0:55:3f:03:55:60:fa:b2:
08:e6:8e:0d:44:58:24:67:b1:e1:0d:be:a5:56:31:bc:07:9d:
d0:4c:5e:08:01:b8:1c:59:9b:63:25:ff:80:ee:73:8a:d3:e1:
be:f6:36:5a:f7:c7:89:d4:3c:13:ea:7a:b3:e7:d2:9c:89:f3:
89:c4:25:e6:c0:ce:f9:91:4b:0a:a3:7f:d6:37:56:de:87:77:
27:8d:ca:53:2a:89:3a:7e:71:7b:e6:3d:70:01:af:aa:5a:93:
1b:53:64:e7
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUSZArKsPKRz7/UA5TDKQsANiCJFwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNTA4MjQyMTUwMzFaFw0yNjA4MjMyMTU1MzFaMDMxMTAvBgNV
BAMTKDU5MjI3NEJDMDdDMDIzNTlGQThFRjZFRTcyODkzNEM4MkNEQ0Y0QjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD80UIR3VCRZ+hmrlRql5nTpKqw
fAlwiJamJKNqd36YJUY7beIUrbhtnhwBAbpRXHCJL7H9yE5U0wybTn4fwFsuKHWt
UMSUixxWLtG8Sep5JSlHcLj+0WJ+hCCOU7JVYWk8mWOWpPl/YQH4+uzcWboZn6SH
1fKR/deCovDYNA5CgHOlAiFKOj/qtkJwHkrmF2R7kjkzipSawwQviamUSkt/8KET
tRrrOqkU6gYczc0LVqcMS8szX0GwngyhZsUOtvHRZfPdK6DZNueuQvdqyX3fTp7o
8u3gi2Gbz1UyWrWuAe7xVyIkRdy2nRZyMFs70KWb15N57jtT/HV/pqRObJC7AgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUWSJ0vAfAI1n6jvbucok0yCzc9LcwHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2E2NjYxMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNDMzMzYzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUHsf6MA0GCSqGSIb3DQEBCwUAA4IBAQCMnkP2h2Hdyv95QXh3
+b41o7jF691Xmsr/Eo+jWpzR3OksdTdqBsXOiUHhdEiQhqBEj27P++qRI0NfKy42
xmAO9MW27MlKZPofmvFB5wg663Pi5qO29JhVfB2Qk6Ql/a3lSuMImbC0giCqymgX
FfXMa//Kptq6bHsu5axyvtpiSuHImoPBOwDMZrVrITUr+nkw//ALtCGMNp9d4FU/
A1Vg+rII5o4NRFgkZ7HhDb6lVjG8B53QTF4IAbgcWZtjJf+A7nOK0+G+9jZa98eJ
1DwT6nqz59KcifOJxCXmwM75kUsKo3/WN1beh3cnjcpTKok6fnF75j1wAa+qWpMb
U2Tn
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:33:35 2025 by rpki-client